Attack Protection does not work

[shmurakami]

Describe the problem

Some error occurred while setting attack protection.

• terraform apply received payload validation error

│ Error: 400 Bad Request: Payload validation error: 'Additional properties not allowed: stage'.
│
│ with module.auth0.auth0_attack_protection.attack_protection,
│ on ../../../modules/auth0/attack_protection.tf line 1, in resource "auth0_attack_protection" "attack_protection":
│ 1: resource "auth0_attack_protection" "attack_protection" {

and then, next plan or apply occurs segmentation fault.

• terraform import occurred segmentation fault

Actually I have set attack protection in my tenant so I tried import its state however SIGSEGV occurred. Stack trace is below.

Stack trace

Stack trace from the terraform-provider-auth0_v0.28.0 plugin:

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x1b0d024]

goroutine 42 [running]:
github.com/auth0/terraform-provider-auth0/auth0.flattenSuspiciousIPThrottling(0xc00014bc60, 0x0, 0x0, 0x0)
github.com/auth0/terraform-provider-auth0/auth0/resource_auth0_attack_protection.go:270 +0x1e4
github.com/auth0/terraform-provider-auth0/auth0.readAttackProtection(0xc000450a10, 0x1ca3fc0, 0xc00045d400, 0xc000450a10, 0x0)
github.com/auth0/terraform-provider-auth0/auth0/resource_auth0_attack_protection.go:225 +0x14a
github.com/hashicorp/terraform-plugin-sdk/helper/schema.(*Resource).RefreshWithoutUpgrade(0xc0005901b0, 0xc000437ae0, 0x1ca3fc0, 0xc00045d400, 0xc00000f690, 0x0, 0x0)
github.com/hashicorp/[email protected]/helper/schema/resource.go:460 +0x12e
github.com/hashicorp/terraform-plugin-sdk/internal/helper/plugin.(*GRPCProviderServer).ReadResource(0xc00012e028, 0x1fb5ad0, 0xc000447650, 0xc00044c600, 0xc00012e028, 0xc000447650, 0xc0005edba0)
github.com/hashicorp/[email protected]/internal/helper/plugin/grpc_provider.go:525 +0x3dd
github.com/hashicorp/terraform-plugin-sdk/internal/tfplugin5._Provider_ReadResource_Handler(0x1d791e0, 0xc00012e028, 0x1fb5ad0, 0xc000447650, 0xc00044c5a0, 0x0, 0x1fb5ad0, 0xc000447650, 0xc0004641b0, 0x8c)
github.com/hashicorp/[email protected]/internal/tfplugin5/tfplugin5.pb.go:3269 +0x214
google.golang.org/grpc.(*Server).processUnaryRPC(0xc0003cb6c0, 0x1fbfc98, 0xc000103980, 0xc0005f6000, 0xc0003f9290, 0x260fad0, 0x0, 0x0, 0x0)
google.golang.org/[email protected]/server.go:1180 +0x52b
google.golang.org/grpc.(*Server).handleStream(0xc0003cb6c0, 0x1fbfc98, 0xc000103980, 0xc0005f6000, 0x0)
google.golang.org/[email protected]/server.go:1503 +0xd0c
google.golang.org/grpc.(*Server).serveStreams.func1.2(0xc000120c10, 0xc0003cb6c0, 0x1fbfc98, 0xc000103980, 0xc0005f6000)
google.golang.org/[email protected]/server.go:843 +0xab
created by google.golang.org/grpc.(*Server).serveStreams.func1
google.golang.org/[email protected]/server.go:841 +0x1fd

Error: The terraform-provider-auth0_v0.28.0 plugin crashed!

This is always indicative of a bug within the plugin. It would be immensely
helpful if you could report the crash with the plugin's maintainers so that it
can be fixed. The output above should help diagnose the issue.

What was the expected behavior?

Set attack protection setting properly.

Reproduction

1. Use tf file as below

resource "auth0_attack_protection" "attack_protection" {
  suspicious_ip_throttling {
    enabled   = true
    shields   = ["admin_notification"]
    allowlist = []
  }

  brute_force_protection {
    enabled      = true
    shields      = ["block", "user_notification"]
    allowlist    = []
    mode         = "count_per_identifier"
    max_attempts = 3
  }

  breached_password_detection {
    enabled                      = true
    shields                      = ["admin_notification", "user_notification"]
    admin_notification_frequency = ["daily", "weekly", "monthly"]
    method                       = "standard"
  }
}

2. run terraform plan or terraform import

Environment

• Version of terraform-provider-auth0 used: 0.28.0

• Other modules/plugins/libraries that might be involved: No

• Version of my Auth0 tenant: Private Cloud 2202.1 (30269.1742)

[sergiught]

Hey @shmurakami, thanks a lot for taking the time to raise this issue with us.

This is currently caused due to a difference in behavior between PSAAS and Public Cloud for this endpoint. Where the PreLogin and PreUserRegistration properties on the Stage object are not allowed to be configured.

We will work on a patch to account for this behavior change and will make a release shortly.
We will also take a look at the error handling as we should have at least failed gracefully.

We'll keep this issue open until resolved and will let you know when this is fixed.

Thanks again for your time and patience.

[shmurakami]

Thank you for your respond! I got it.
I will try again after it's fixed.

[sergiught]

Hey @shmurakami, we have an open PR with a potential fix for the issue at hand.

PR: #86

Would you consider kindly testing it against your tenant before we merge it in a release?

[sergiught]

Hey @shmurakami we're about to cut a release with the fix:) stay tuned.

[sergiught]

This is now available under https://github.com/auth0/terraform-provider-auth0/releases/tag/v0.28.1.

Thanks a lot again for opening this issue and for being patient with the fix:)

[shmurakami]

Whoops, I missed it. I will try latest version. Thank you for fast updating!